Mercurial > repos > other > Puppet

view modules/website/manifests/init.pp @ 115:b35a9df52965 puppet-3.6

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Make sure that custom config comes before site configs
author IBBoard <dev@ibboard.co.uk>
date Tue, 28 Jun 2016 20:36:42 +0100
parents 00453eecda4c
children 95502bafeaa3
line wrap: on
line source

class website(
  $base_dir,
  $cert_dir           = '/etc/pki/custom',
  $ssl_chain          = 'ca-chain.pem',
  $primary_ip,
  $secondary_ip,
  $default_owner,
  $default_group,
  $default_tld        = 'com',
  $default_extra_tlds = []
  ){

  validate_re($base_dir, '^(/[^/]+)*$',
  "${base_dir} is invalid - base_dir must be a directory without trailing slash.")
  validate_re($cert_dir, '^(/[^/]+)*$',
  "${cert_dir} is invalid - cert_dir must be a directory without trailing slash.")
  validate_array($default_extra_tlds)

  $basedir = $base_dir
  $certdir = $cert_dir
  $docroot_owner = $default_owner
  $docroot_group = $default_group
  $ca_chain = $ssl_chain
  $tld = $default_tld
  $extra_tlds = $default_extra_tlds
  $htmlphpfragment = "Include conf.extra/html-php.conf"
  $filterfragment = "Include conf.custom/filter.conf"
  $cmsfragment = "Include conf.extra/cms_rewrites.conf"

  class { 'apache':
    default_mods => false,
    default_vhost => false,
    mpm_module => false,
  }
  class { 'apache::mod::dir': indexes => [ 'index.html' ] }
  class { 'apache::mod::prefork':
    serverlimit => 45,
    maxclients => 45,
    maxspareservers => 6,
  }
  apache::mod {
    'rewrite':;
    'expires':; 'setenvif':; 'headers':;
    'version':;
  }
  file { $base_dir:
    ensure => directory;
  }
  file { '/var/log/apache':
    ensure => directory,
    mode   => '0750',
    group  => 'apache',
  }
  file { '/etc/httpd/conf.extra':
    ensure => directory,
    recurse => true,
    source => "puppet:///modules/website/conf.extra",
    notify => Service['httpd'];
  }
  file { '/etc/httpd/conf/mime.types':
    ensure => present,
    source => "puppet:///modules/website/mime.types",
    notify => Service['httpd'];
  }
  file { '/etc/php.d/datetime.ini':
    ensure => present,
    source => "puppet:///modules/website/datetime.ini",
    notify => Service['httpd'];
  }
  file { '/etc/httpd/conf.d/zzz-custom.conf':
    ensure => absent,
    notify => Service['httpd'];
  }
  file { '/etc/httpd/conf.d/zzz-0-custom.conf':
    ensure => present,
    source => "puppet:///modules/website/zzz-0-custom.conf",
    notify => Service['httpd'];
  }
  file { '/etc/httpd/conf.d/php.conf':
    ensure => present,
    source => "puppet:///modules/website/php.conf",
    notify => Service['httpd'];
  }
  file { '/etc/httpd/conf.custom':
    ensure => directory,
    recurse => true,
    source => "puppet:///private/apache/conf.custom",
    notify => Service['httpd']; 
  }
  file { $cert_dir:
    ensure => directory;
  }
  if $operatingsystem == 'CentOS' and versioncmp($operatingsystemrelease, 7) >= 0 {
    exec { 'set_apache_defaults':
      command => 'semanage fcontext -a -t httpd_sys_content_t "/srv/sites(/.*)?"',
      path    => '/bin:/usr/bin/:/sbin:/usr/sbin',
      require => Package['policycoreutils-python'],
      unless  => 'semanage fcontext --list | grep "/srv/sites\\(/\\.\\*\\)\\?"',
    }
  }
}